panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *338495 72262 0 0 0x4000000 0 syz-executor.6 db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8293d78c) at panic+0x165 sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire_locked+0x321 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire+0x43 sys/uvm/uvm_fault.c:1623 sys_sysctl(ffff80002a6692b8,ffff80003786bb90,ffff80003786bae0) at sys_sysctl+0x239 sys/kern/kern_sysctl.c:259 syscall(ffff80003786bb90) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9a770d75410, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8293d78c) at panic+0x165 sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire_locked+0x321 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire+0x43 sys/uvm/uvm_fault.c:1623 sys_sysctl(ffff80002a6692b8,ffff80003786bb90,ffff80003786bae0) at sys_sysctl+0x239 sys/kern/kern_sysctl.c:259 syscall(ffff80003786bb90) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9a770d75410, count: -7 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003786b8a0 rbx 0 rdx 0 rcx 0 rax 0xffff80002a6692b8 r8 0x101010101010101 r9 0x8080808080808080 r10 0x563196f72fc9de59 r11 0x326af03b77908891 r12 0 r13 0xfffffd807956ee18 r14 0 r15 0x1 rip 0xffffffff814f129c db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80003786b890 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb> show proc PROC (syz-executor.6) tid=338495 pid=72262 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a69d298,0xffff80002a669d68 process=0xffff800035dad508 user=0xffff800037866000, vmspace=0xfffffd807956ee18 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 72262 225458 82213 0 3 0x80 nanoslp syz-executor.6 72262 15098 82213 0 2 0x4000000 syz-executor.6 *72262 338495 82213 0 7 0x4000000 syz-executor.6 72262 381 82213 0 3 0x4000080 fsleep syz-executor.6 78819 112074 64518 0 3 0x80 fsleep syz-executor.7 78819 386240 64518 0 3 0x4000080 bell syz-executor.7 56666 178739 61695 0 3 0x80 fsleep syz-executor.3 56666 76458 61695 0 3 0x4000080 netio syz-executor.3 56666 120737 61695 0 3 0x4000080 fsleep syz-executor.3 60224 279355 9397 0 3 0x80 fsleep syz-executor.0 60224 96115 9397 0 3 0x4000000 smrbar syz-executor.0 60224 473891 9397 0 3 0x4000000 clonelk syz-executor.0 60224 239531 9397 0 3 0x4000000 clonelk syz-executor.0 87753 168206 66611 0 2 0x2 syz-executor.5 36064 237826 66611 0 2 0x2 syz-executor.2 64518 90160 66611 0 3 0x82 nanoslp syz-executor.7 43198 54094 1 0 3 0x80 fsleep syz-executor.7 43198 187943 1 0 3 0x4000080 netio syz-executor.7 32606 404650 66611 0 3 0x82 nanoslp syz-executor.1 83383 260367 66611 0 3 0x82 nanoslp syz-executor.4 82213 275745 66611 0 3 0x82 nanoslp syz-executor.6 61695 414529 66611 0 3 0x82 nanoslp syz-executor.3 20699 208023 0 0 3 0x14280 nfsidl nfsio 38235 35139 0 0 3 0x14280 nfsidl nfsio 34436 337791 0 0 3 0x14280 nfsidl nfsio 88391 213925 0 0 3 0x14280 nfsidl nfsio 1615 84185 0 0 3 0x14280 nfsidl nfsio 4306 109598 0 0 3 0x14280 nfsidl nfsio 97190 514097 0 0 3 0x14280 nfsidl nfsio 60989 342244 0 0 3 0x14280 nfsidl nfsio 16682 502884 0 0 3 0x14280 nfsidl nfsio 62292 86425 0 0 3 0x14280 nfsidl nfsio 37120 90646 0 0 3 0x14280 nfsidl nfsio 63624 253204 0 0 3 0x14280 nfsidl nfsio 85806 322932 0 0 3 0x14280 nfsidl nfsio 23500 205852 0 0 3 0x14280 nfsidl nfsio 72366 91868 0 0 3 0x14280 nfsidl nfsio 40049 187832 0 0 3 0x14280 nfsidl nfsio 44685 435114 0 0 3 0x14280 nfsidl nfsio 92706 421083 0 0 3 0x14280 nfsidl nfsio 11606 315048 0 0 3 0x14280 nfsidl nfsio 98207 392771 0 0 3 0x14280 nfsidl nfsio 73775 228451 1 0 3 0x100083 ttyin getty 9397 15207 66611 0 3 0x82 nanoslp syz-executor.0 49325 462171 0 0 3 0x14200 acct acct 13314 124840 0 0 3 0x14200 bored sosplice 66611 358580 99180 0 3 0x2000082 wait syz-fuzzer 66611 498175 99180 0 3 0x6000082 thrsleep syz-fuzzer 66611 379705 99180 0 3 0x6000082 wait syz-fuzzer 66611 238454 99180 0 3 0x6000082 wait syz-fuzzer 66611 456682 99180 0 3 0x6000082 thrsleep syz-fuzzer 66611 1107 99180 0 3 0x6000082 thrsleep syz-fuzzer 66611 295853 99180 0 3 0x6000082 thrsleep syz-fuzzer 66611 72609 99180 0 3 0x6000082 wait syz-fuzzer 66611 173652 99180 0 3 0x6000082 wait syz-fuzzer 66611 337763 99180 0 3 0x6000082 kqread syz-fuzzer 66611 255277 99180 0 3 0x6000082 thrsleep syz-fuzzer 66611 351735 99180 0 3 0x6000082 wait syz-fuzzer 66611 321978 99180 0 3 0x6000082 wait syz-fuzzer 66611 55328 99180 0 3 0x6000082 wait syz-fuzzer 99180 48916 71502 0 3 0x10008a sigsusp ksh 71502 440901 21940 0 3 0x9a kqread sshd 21940 210058 1 0 3 0x88 kqread sshd 38797 216562 39357 73 3 0x1100090 kqread syslogd 39357 508556 1 0 3 0x100082 netio syslogd 3402 517611 1 0 3 0x100080 kqread resolvd 54226 501899 34928 77 3 0x100092 kqread dhcpleased 93350 36350 34928 77 3 0x100092 kqread dhcpleased 34928 121148 1 0 3 0x80 kqread dhcpleased 44200 46330 0 0 3 0x14200 bored smr 97733 172353 0 0 2 0x14200 zerothread 55385 296193 0 0 3 0x14200 aiodoned aiodoned 39782 283543 0 0 3 0x14200 syncer update 61920 186672 0 0 3 0x14200 cleaner cleaner 99123 438475 0 0 3 0x14200 reaper reaper 75645 468957 0 0 3 0x14200 pgdaemon pagedaemon 67131 227207 0 0 3 0x14200 bored viomb 7964 514920 0 0 3 0x40014200 acpi0 acpi0 95436 336221 0 0 3 0x14200 bored softnet3 38931 284125 0 0 3 0x14200 bored softnet2 43876 94679 0 0 3 0x14200 bored softnet1 99077 384705 0 0 3 0x14200 bored softnet0 14887 456836 0 0 3 0x14200 bored systqmp 76660 464392 0 0 3 0x14200 bored systq 89539 297063 0 0 3 0x40014200 tmoslp softclock 55921 263279 0 0 3 0x40014200 idle0 1 134266 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10184 6426K 7080K 166960K 24597 0 pcb 15 16K 18K 166960K 1097 0 rtable 197 14K 15K 166960K 1702 0 pf 34 9K 10K 166960K 355 0 ifaddr 42 12K 13K 166960K 296 0 ifgroup 59 2K 2K 166960K 588 0 sysctl 3 0K 0K 166960K 3 0 counters 32 17K 17K 166960K 181 0 ioctlops 0 0K 2K 166960K 733 0 iov 1 16K 26K 166960K 1153 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1546 97K 97K 166960K 6925 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 119 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 1158 0 dirhash 87 15K 18K 166960K 7986 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 73K 166960K 9105 0 sigio 0 0K 0K 166960K 459 0 proc 59 59K 75K 166960K 1661 0 subproc 117 7K 7K 166960K 468 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 699 0 in_multi 77 5K 7K 166960K 498 0 ether_multi 1 0K 0K 166960K 13 0 mrt 1 0K 0K 166960K 9 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 1738 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 451 347K 352K 166960K 86645 0 UVM aobj 131 4K 6K 166960K 134 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 288 0 NDP 13 0K 1K 166960K 236 0 temp 78 6764K 7111K 166960K 103166 0 kqueue 12 18K 28K 166960K 723 0 SYN cache 2 104K 112K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 675 0 672 9 4 5 5 0 8 4 rtentry 112 528 0 441 4 1 3 4 0 8 0 unpcb 144 7804 0 7657 24 18 6 8 0 8 0 syncache 320 108 0 108 4 3 1 1 0 8 1 tcpqe 32 133 0 133 4 3 1 1 0 8 1 tcpcb 808 3517 0 3506 33 24 9 12 0 8 7 arp 88 114 0 100 1 0 1 1 0 8 0 ipq 40 9 0 9 2 1 1 1 0 8 1 ipqe 40 31 0 31 2 1 1 1 0 8 1 inpcb 344 8886 0 8871 55 46 9 17 0 8 7 nd6 104 112 0 94 1 0 1 1 0 8 0 pkpcb 40 34 0 34 4 3 1 1 0 8 1 kcovpl 48 36 0 27 1 0 1 1 0 8 0 ppxss 1072 45 0 45 3 2 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1873 0 1498 39 12 27 29 0 8 3 art_table 32 1874 0 1498 4 0 4 4 0 8 0 art_node 16 521 0 443 1 0 1 1 0 8 0 sysvmsgpl 40 89 0 83 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 1156 0 1146 1 0 1 1 0 8 0 shmpl 112 131 0 3 4 0 4 4 0 8 0 dirhash 1024 2676 0 2634 6 0 6 6 0 8 0 dino2pl 256 13774 0 12291 93 0 93 93 0 8 0 ffsino 240 13774 0 12291 88 0 88 88 0 8 0 nchpl 144 26212 0 24561 63 0 63 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 93008 0 93006 5 4 1 3 0 8 0 vcpupl 2048 95 0 1 12 0 12 12 0 8 0 vmpool 664 110 0 16 8 0 8 8 0 8 0 kstatmem 264 324 0 298 2 0 2 2 0 8 0 scxspl 216 75972 0 75972 11 9 2 8 1 8 2 plimitpl 152 952 0 936 1 0 1 1 0 8 0 sigapl 424 9637 0 9571 8 0 8 8 0 8 0 futexpl 64 85283 0 85277 1 0 1 1 0 8 0 knotepl 120 96850 0 96768 38 28 10 17 0 8 6 kqueuepl 184 2079 0 2070 11 7 4 4 0 8 3 pipepl 288 2114 0 2085 19 12 7 7 0 8 4 fdescpl 432 9336 0 9310 4 0 4 4 0 8 0 filepl 120 61738 0 61351 37 21 16 17 0 8 4 lockfpl 104 3478 0 3476 6 4 2 3 0 8 1 lockfspl 48 1308 0 1306 2 1 1 2 0 8 0 sessionpl 144 54 0 37 1 0 1 1 0 8 0 pgrppl 48 308 0 291 1 0 1 1 0 8 0 ucredpl 104 8207 0 8197 1 0 1 1 0 8 0 zombiepl 144 9573 0 9571 1 0 1 1 0 8 0 processpl 1072 9637 0 9571 5 0 5 5 0 8 0 procpl 680 23916 0 23827 10 1 9 9 0 8 0 sosppl 168 111 0 108 4 3 1 1 0 8 0 sockpl 488 17425 0 17258 329 308 21 34 0 8 0 mcl64k 65536 443 0 443 4 3 1 1 0 8 1 mcl16k 16384 198 0 198 4 3 1 1 0 8 1 mcl12k 12288 406 0 406 4 3 1 1 0 8 1 mcl9k 9216 147 0 147 4 3 1 1 0 8 1 mcl8k 8192 562 0 562 5 4 1 1 0 8 1 mcl4k 4096 1012 0 1012 7 6 1 4 0 8 1 mcl2k2 2112 74 0 74 4 3 1 1 0 8 1 mcl2k 2048 88436 0 88383 44 30 14 29 0 8 6 mtagpl 96 1398 0 1142 16 7 9 9 0 8 2 mbufpl 256 226779 0 226435 291 257 34 80 0 8 8 bufpl 280 19709 0 13320 457 0 457 457 0 8 0 anonpl 24 1020152 0 1006513 150 39 111 111 0 188 11 amapchunkpl 152 274234 0 273360 54 13 41 43 0 158 3 amappl16 200 22248 0 21813 85 52 33 36 0 8 8 amappl15 192 13 0 12 1 0 1 1 0 8 0 amappl14 184 248 0 238 2 1 1 2 0 8 0 amappl13 176 30 0 29 3 2 1 1 0 8 0 amappl12 168 10452 0 10421 2 0 2 2 0 8 0 amappl11 160 49 0 39 1 0 1 1 0 8 0 amappl10 152 52 0 42 1 0 1 1 0 8 0 amappl9 144 159 0 159 4 3 1 1 0 8 1 amappl8 136 440 0 344 4 0 4 4 0 8 0 amappl7 128 269 0 245 2 0 2 2 0 8 0 amappl6 120 721 0 709 1 0 1 1 0 8 0 amappl5 112 268 0 260 1 0 1 1 0 8 0 amappl4 104 717 0 695 2 1 1 2 0 8 0 amappl3 96 54566 0 54467 4 0 4 4 0 8 1 amappl2 88 10242 0 10166 3 1 2 3 0 8 0 amappl1 80 43501 0 42990 22 10 12 22 0 8 0 amappl 88 85639 0 85388 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 133 0 3 3 0 3 3 0 8 0 uaddrrnd 24 9446 0 9326 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 9446 0 9326 1 0 1 1 0 8 0 vmmpekpl 168 70808 0 70717 5 0 5 5 0 8 0 vmmpepl 168 567566 0 565267 189 61 128 129 0 357 13 vmsppl 352 9445 0 9326 12 0 12 12 0 8 0 rwobjpl 24 143107 0 135519 48 0 48 48 0 8 0 pdppl 4096 18898 0 18746 630 470 160 160 0 8 8 pvpl 32 2620704 0 2601446 438 241 197 362 0 265 19 pmappl 216 9445 0 9326 7 0 7 7 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1294 0 828 15 1 14 14 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8293d78c) at panic+0x165 sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire_locked+0x321 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire+0x43 sys/uvm/uvm_fault.c:1623 sys_sysctl(ffff80002a6692b8,ffff80003786bb90,ffff80003786bae0) at sys_sysctl+0x239 sys/kern/kern_sysctl.c:259 syscall(ffff80003786bb90) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9a770d75410, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8293d78c) at panic+0x165 sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire_locked+0x321 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd807956ee18,20000000,20001000) at uvm_fault_unwire+0x43 sys/uvm/uvm_fault.c:1623 sys_sysctl(ffff80002a6692b8,ffff80003786bb90,ffff80003786bae0) at sys_sysctl+0x239 sys/kern/kern_sysctl.c:259 syscall(ffff80003786bb90) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9a770d75410, count: -7